Travelex’s ransomware attack is an all too familiar story. An organization – large or small – falls victim to cybercriminals who lock their system and demand a ransom before they give back control. But what exactly is ransomware and how can you avoid becoming a victim?
Ransomware is malicious software that takes over your computer or network. Hackers then threaten to publish a victim’s data or block access unless a ransom is paid to recover it.
Who is at risk of a ransomware attack?
If you have a website, web application, computer system, or network, you’re at risk.
Financial services – large, small, and everyone in between – need to be aware of the dangers a ransomware attack poses to:
- Themselves
- Their customers
- Their brand reputation
After the WannaCry attack on the NHS, our founder Marios gave security advice to the listeners of BBC Radio 1.
Quick fixes to avoid ransomware
Most areas of life benefit from good habits; protecting yourself from ransomware is no different. Employ these simple security rules in your organization:
- Keep a backup of files
- Keep your antivirus software updated
- Use the latest version of your operating system
- Don’t open suspicious attachments
- A security-first strategy, involving training, for your whole organization
- Know your assets and attack surface
- Enable multi-factor authentication on all accounts
3 ways financial services can prevent ransomware
If you want to take your security to the next level, we highly recommend you follow these three steps.
1 | Understand how ransomware works
Attackers spread malicious software through email attachments, infected external storage devices and compromised websites.
Unlike most cyberattacks, the victim is notified and given instructions on how to recover their data.
Files are encrypted through cryptware and a private key is needed to gain access to data.
Demands of Bitcoin are a ransomware attacker’s de rigueur. Vasts sums of money are often involved; the current Travelex ransomware breach is demanding $3 million.
If payment isn’t made by a specific time, the ransom either goes up, or the data is destroyed.
This has led to many organizations paying the ransom. However, this is no guarantee things will then run smoothly.
After operating as a fundraising firm for 60 years, The Heritage Company was forced to close down on Christmas Eve last year. 300 people losing their jobs on Christmas Eve is a devastating blow to a community.[1]
They fell victim to a ransomware attack two months prior and felt they had to pay the ransom. However, they weren’t able to access their accounting systems and mail center.
This meant they had no way of processing and receiving funds, or even sending statements out. The CEO had to pay employees from her own pocket.
So, what can you do to avoid being in a similar situation? Being proactive and preventing attacks in the first place is the best form of defense.
You do this through regular penetration tests and vulnerability management.
2 | Regular penetration tests
The best way to understand how your IT system and web apps can be exploited and vulnerabilities found is to mimic their methods.
You do this through penetration tests conducted by Crest certified penetration testers. [2]
Weaknesses in your system – online and offline – will be scrutinized and reported. This allows financial services to evaluate, fix and strengthen their security.
Keeping data secure is vital for any sector, but it’s particularly essential within finance.
As such, a core part of regulation – including GDPR, NIS Directive, MiFID II and PSD2 – is regular testing of services and real-time vulnerability management.
3 | Vulnerability management
The holy grail for cybersecurity is to know what hackers will do before they do it. This is where vulnerability management comes into play.
Vulnerability management plays a crucial role in any IT security strategy. Using a scanner – such as our Informer app – makes it possible to find issues and identify how likely you are to fall victim to an attack.
Through proactive risk management, you’re able to make smarter, faster decisions. The faster problems are found, the faster they can be fixed.
With a real-time view of your known and unknown assets and vulnerabilities, Informer will alert you to weaknesses the moment they arise.
Take the next step to securing your IT network
Unfortunately, ransomware attacks are nearly impossible to stop. But, the good news is there are some steps you can take today.
First and foremost, be proactive. Don’t think it can’t happen to you – it can.
- Identify the areas of your system that are vulnerable
- Put practices in place to effectively monitor your attack surface
- Implement a security-first approach throughout your organization
Get in touch with our experts today to find out how we can help you secure your IT system.